Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. Veritas NetBackup™ Cloud Administrator's Guide
  5. Configuring cloud storage in NetBackup
  7. About the NetBackup CloudStore Service Container
  9. NetBackup CloudStore Service Container security certificates
Veritas NetBackup™ Cloud Administrator's Guide

NetBackup CloudStore Service Container security certificates

The NetBackup CloudStore Service Container requires a digital security certificate so that it starts and runs. How the security certificate is provisioned depends on the release level of NetBackup, as follows:

NetBackup 8.2 and later

The NetBackup hosts that run the CloudStore Service Container require a host ID-based certificate. You may have to install the certificate on those hosts.

See Deploying host ID-based certificates.

If the NetBackup master server is clustered, you must ensure that the active node and the passive nodes have the host-ID based certificate. See the NetBackup Security and Encryption Guide for more information.

NetBackup 8.0 to 8.1.2

The NetBackup hosts that run the CloudStore Service Container require both a host ID-based certificate and a host name-based certificate. You may have to install the certificates on those hosts.

See Deploying host name-based certificates.

See Deploying host ID-based certificates.

If the NetBackup master server is clustered, you must ensure that the active node and the passive nodes have both host named-based and host-ID based certificates. See the NetBackup Security and Encryption Guide for more information.

NetBackup 7.7 and 7.7.x

The NetBackup hosts that run the CloudStore Service Container require a host name-based certificate. You must use a command to install it on a media server.

See Deploying host name-based certificates.

Note:

You do not need to generate a security certificate, if you have already generated it before configuring the cloud storage.

The host name-based security certificates expire after one year. NetBackup automatically replaces existing certificates with new ones as needed.

Note:

The security certificates that are provisioned for other NetBackup features or purposes satisfy the certificate requirement for the NetBackup CloudStore Service Container. The NetBackup Access Control feature uses security certificates, and the NetBackup Administration Console requires security certificates for interhost communication.

If the NetBackup master server is clustered, you must ensure that the active node and the passive node have host named-based certificates.

See the NetBackup Security and Encryption Guide for more information.

Where the media server security certificates reside depend on the release level of NetBackup, as follows:

NetBackup 7.7 to 8.1.2

The certificate name is the host name that you used when you configured the NetBackup media server software on the host. The path for the certificate is as follows, depending on operating system:

  • UNIX/Linux: /usr/openv/var/vxss/credentials

  • Windows: install_dir\Veritas\NetBackup\var\VxSS\credentials

See About the NetBackup CloudStore Service Container.

Feedback

Was this page helpful?
Previous

About the NetBackup CloudStore Service Container

Next

NetBackup CloudStore Service Container security modes

Feedback

Was this page helpful?